01
Attackers mainly exploit human behavior, not just technical weaknesses
Trust, urgency, authority, and habit are more effective than many technical exploits. Firewalls do not stop bad judgment under pressure.
Radflow × Epahs makes security awareness memorable
No IT knowledge needed to understand how hacking works.
In this interactive workshop, participants step into the mindset of an attacker. No abstract theory. No technical jargon. Just direct insight into how trust, pressure, and routine create real security risk.
+ 90%
See security differently right away
+ 30%
Apply safer behavior within 3 months
+ 10%
Lower human-related incidents in 3 to 6 months
The core problem
Organizations protect technology. Attackers target psychology.
Security controls protect systems. But systems are still operated by people. Under pressure, in routine, and inside hierarchy, people make predictable decisions attackers know how to exploit.
02
Employees make mistakes because the situation feels normal
A realistic request from someone who appears senior often triggers fast compliance. That is exactly what attackers count on.
03
Hierarchy and group dynamics amplify the risk
People rarely challenge authority in the moment. The workshop shows how easily this can be abused in everyday business settings.
04
Compliance does not automatically create safe behavior
Teams may know the rules, yet still behave differently when they are distracted, overloaded, or rushed. Awareness has to survive real context.
Prevention costs thousands. Incidents cost millions.
The question is not whether your organization will ever be targeted. The question is whether your people will recognize the moment it happens and respond differently.
What participants experience
Practical theory. Clear language. No technical background required.
Participants experience how quickly assumptions, habits, and small process gaps can create large security risks. That makes the lessons stick.
1
How attackers actually think
Participants see how much information can be gathered from LinkedIn, signatures, websites, and one well-placed call.
2
Why people become the weakest link
Not because people are careless, but because attackers exploit trust, routine, and time pressure in very ordinary situations.
3
How manipulation works in practice
Interactive exercises make social engineering visible and concrete, so participants recognize the pattern in their own environment.
4
What it means for their own organization
The workshop connects directly to daily work, internal habits, and process design. That is where durable behavior change starts.
Led by
Two experts. Two perspectives.
The workshop combines security and behavioral psychology, because cyber risk is not only a technical problem.
Riduan Maas
Technical Innovator and Hacking Workshop Lead
Radflow
Riduan works at the intersection of technology, strategy, and human behavior. In the workshop he makes attacker thinking tangible without forcing participants into technical detail.
Mohamed Alkassab
Work and Organizational Psychologist
Epahs
Mohamed specializes in sustainable behavior change inside organizations. He connects psychology, hierarchy, and group dynamics to the exact patterns that make social engineering effective.
Formats
Choose the format that fits your organization.
Both formats are practical, direct, and built to create lasting awareness. The main difference is depth and group size.
2 hours
EUR 2,887
Compact, sharp, and confrontational. Suitable as an awareness intervention or as the start of a wider security program.
- Attacker psychology explained in plain language
- Manipulation techniques and realistic scenarios
- Interactive attack and defense exercises
- Directly applicable lessons for daily work
- Up to 30 participants
Most chosen
4 hours
EUR 4,949
Everything from the 2-hour format, with deeper analysis, more exercises, and more room to connect lessons to your own processes.
- Analysis of real incident patterns
- Reflection on internal routines and blind spots
- Extended group exercises with debrief
- 30 participants included, more possible
- Recommended for organizations aiming at culture change
Add-ons available for stronger security awareness follow-up.
- Post-workshop report
- One-month evaluation
- KPI measurement
- AVG and NIS2 documentation support
- Extra participants at EUR 85 per person
Strategic value
More than a workshop. A practical investment in resilience.
The session is intentionally disruptive. It is designed to trigger awareness, better process decisions, and more grounded digital maturity.
Risk reduction
Teams recognize suspicious patterns faster and reduce the chance of successful attacks through the human layer.
Stronger governance
The workshop supports compliance efforts by turning policy into concrete, memorable behavior.
Higher digital maturity
Organizations that understand attack patterns are better prepared to digitalize without adding avoidable risk.
Behavior change
This is not training people forget after a week. It creates a reference point teams use in practice.
FAQ
Common questions
No. The workshop is designed for everyone in the organization, from reception to management. No IT background is required. The exercises and examples are built around everyday work situations.
The standard formats accommodate up to 30 participants. Larger groups are possible at EUR 85 per additional person. For groups above 60 we recommend splitting into two sessions for better interaction.
Yes. NIS2 requires organizations to address human risk through awareness training. This workshop directly supports that requirement. We also offer documentation support for AVG and NIS2 compliance as an add-on.
On location at your organization anywhere in the Netherlands. We bring all materials. You provide a room that fits your group.
The 2-hour format covers attacker psychology, social engineering techniques, and interactive exercises. The 4-hour format adds analysis of real incident patterns, deeper group exercises with debrief, and more time to connect lessons to your own processes. We recommend the 4-hour format for organizations aiming at lasting culture change.
Contact
Ask about the hacking workshop
Tell us about your team, the group size, and what you want this workshop to achieve. We reply within 1 business day with the most suitable format and a practical next step.